<?php
/**
 * Data-access model for rows of the `DB_PREFIX . "user"` table.
 *
 * Every statement is assembled by string concatenation. String values pass
 * through $this->db->escape() and numeric values are cast with (int) before
 * they reach the SQL text, so injection safety depends on that escape helper
 * and on no value being added without one of those two guards.
 *
 * SECURITY NOTE (review): passwords are stored and compared as md5() of the
 * plaintext, a fast unsalted digest that is not suitable for password storage.
 * Moving to password_hash()/password_verify() cannot be done in this class
 * alone: editPassword() matches the old password inside the WHERE clause, and
 * whatever code verifies logins (not visible here) would have to change with it.
 */
class ModelAccountUser extends Model {

	/**
	 * Inserts a new user row with status '1' and date_added = NOW().
	 *
	 * Reads these keys from $data: firstname, middlename, lastname, gender,
	 * name, title, email, company, country_id, zone, address_1, address_2,
	 * city, postcode, website, telephone, fax, password. None of them is
	 * checked for presence or format here; validation is presumably done by
	 * the caller (confirm).
	 *
	 * @param array $data Field values for the new user, including the plaintext password.
	 */
	public function addUser($data) {
		// conf_id comes from configuration, not from $data, and is cast to int.
		$statement = "INSERT INTO " . DB_PREFIX . "user SET conf_id='" . (int)$this->config->get('config_conf_id')
			. "', firstname='" . $this->db->escape($data['firstname'])
			. "',middlename='" . $this->db->escape($data['middlename'])
			. "',lastname='" . $this->db->escape($data['lastname'])
			. "', gender='" . $this->db->escape($data['gender'])
			. "',name='" . $this->db->escape($data['name'])
			. "',title='" . $this->db->escape($data['title'])
			. "',email='" . $this->db->escape($data['email'])
			. "',company='" . $this->db->escape($data['company'])
			. "',country_id='" . (int)$data['country_id']
			. "', zone='" . $this->db->escape($data['zone'])
			. "', address_1='" . $this->db->escape($data['address_1'])
			. "',address_2='" . $this->db->escape($data['address_2'])
			. "', city='" . $this->db->escape($data['city'])
			. "', postcode='" . $this->db->escape($data['postcode'])
			. "',website='" . $this->db->escape($data['website'])
			. "', telephone='" . $this->db->escape($data['telephone'])
			. "', fax='" . $this->db->escape($data['fax'])
			// SECURITY NOTE (review): unsalted MD5 of the plaintext password is what gets stored.
			. "', password='" . $this->db->escape(md5($data['password']))
			// The client address recorded is REMOTE_ADDR as seen by this server.
			. "', ip='" . $this->db->escape($this->request->server['REMOTE_ADDR'])
			. "', status='1', date_added=NOW()";

		$this->db->query($statement);
	}

	/**
	 * Updates the profile fields of the currently logged-in user.
	 *
	 * The target row is chosen by $this->user->getId(), never by anything in
	 * $data, so a caller cannot redirect the update to another account through
	 * the submitted fields. The email column is rewritten with
	 * $this->user->getEmail(); any 'email' key in $data is ignored.
	 *
	 * @param array $data Same profile keys as addUser(), minus email and password.
	 */
	public function editUser($data) {
		$statement = "UPDATE " . DB_PREFIX . "user SET firstname='" . $this->db->escape($data['firstname'])
			. "',middlename='" . $this->db->escape($data['middlename'])
			. "',lastname='" . $this->db->escape($data['lastname'])
			. "', gender='" . $this->db->escape($data['gender'])
			. "',name='" . $this->db->escape($data['name'])
			. "',title='" . $this->db->escape($data['title'])
			// Email is taken from the session user object, not from the submitted data.
			. "',email='" . $this->db->escape($this->user->getEmail())
			. "',company='" . $this->db->escape($data['company'])
			. "',country_id='" . (int)$data['country_id']
			. "', zone='" . $this->db->escape($data['zone'])
			. "', address_1='" . $this->db->escape($data['address_1'])
			. "',address_2='" . $this->db->escape($data['address_2'])
			. "', city='" . $this->db->escape($data['city'])
			. "', postcode='" . $this->db->escape($data['postcode'])
			. "',website='" . $this->db->escape($data['website'])
			. "', telephone='" . $this->db->escape($data['telephone'])
			. "', fax='" . $this->db->escape($data['fax'])
			. "' WHERE user_id='" . (int)$this->user->getId() . "'";

		$this->db->query($statement);
	}

	/**
	 * Overwrites the stored password hash of every row whose email matches.
	 *
	 * SECURITY NOTE (review): this method performs no check of its own (no old
	 * password, no reset token); the caller must already have established that
	 * the reset is authorised. The stored value is an unsalted MD5 digest.
	 *
	 * @param string $email    Email address selecting the account(s).
	 * @param string $password New plaintext password.
	 */
	public function generateNewPassword($email, $password) {
		$newHash = $this->db->escape(md5($password));
		$target = $this->db->escape($email);

		$this->db->query("UPDATE " . DB_PREFIX . "user SET password='" . $newHash . "' WHERE email='" . $target . "'");
	}

	/**
	 * Changes a password only where both the email and the old password hash match.
	 *
	 * The old-password check is the `AND password=...` condition of the UPDATE,
	 * comparing MD5 digests inside the database.
	 *
	 * @param string $email       Email address selecting the account.
	 * @param string $password    New plaintext password.
	 * @param string $oldpassword Current plaintext password.
	 * @return mixed Value of $this->db->countAffected() for the UPDATE; callers
	 *               presumably treat a non-zero count as success (confirm).
	 */
	public function editPassword($email, $password, $oldpassword) {
		$newHash = $this->db->escape(md5($password));
		$target = $this->db->escape($email);
		$currentHash = $this->db->escape(md5($oldpassword));

		$this->db->query("UPDATE " . DB_PREFIX . "user SET password='" . $newHash . "' WHERE email='" . $target . "' AND password='" . $currentHash . "'");

		return $this->db->countAffected();
	}

	/**
	 * Fetches one user row by numeric id.
	 *
	 * The query is `SELECT *`, so the returned row carries every column of the
	 * user table, including the password hash written by addUser(); callers
	 * should not pass the row to output unfiltered.
	 *
	 * @param mixed $user_id User id; cast to int before use.
	 * @return mixed The `row` property of the query result.
	 */
	public function getUser($user_id) {
		$id = (int)$user_id;

		return $this->db->query("SELECT * FROM " . DB_PREFIX . "user WHERE user_id='" . $id . "'")->row;
	}

	/**
	 * Fetches one user row by email address, compared as given.
	 *
	 * Unlike getTotalUsersByEmail(), no lower-casing is applied on either side,
	 * so the two lookups agree on case only if the column's collation makes
	 * them agree. The row is `SELECT *` and therefore includes the password hash.
	 *
	 * @param string $email Email address to look up.
	 * @return mixed The `row` property of the query result.
	 */
	public function getUserByEmail($email) {
		$target = $this->db->escape($email);

		return $this->db->query("SELECT * FROM " . DB_PREFIX . "user WHERE email='"  . $target . "'")->row;
	}

	/**
	 * Counts user rows whose email equals the given address, ignoring case.
	 *
	 * Both sides are lower-cased: LOWER() in SQL and strtolower() in PHP.
	 *
	 * @param string $email Email address to count.
	 * @return mixed The `total` column of the COUNT(*) result row.
	 */
	public function getTotalUsersByEmail($email) {
		$target = $this->db->escape(strtolower($email));
		$result = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "user WHERE LOWER(email)='" . $target . "'");

		return $result->row['total'];
	}
}